3月19日每日安全热点 - FBI称2020因网安问题经济损失超42亿美元

2021-03-19 09:30:35 360安全客安全资讯 6732 4

Inspired by 360CERT

恶意软件 Malware

XcodeSpy恶意软件针对苹果开发者发动攻击

https://www.bleepingcomputer.com/news/security/new-xcodespy-malware-targets-ios-devs-in-supply-chain-attack/

安全研究 Security Research

Github Actions安全研究

https://blog.teddykatz.com/2021/03/17/github-actions-write-access.html

CVE-2020-23968

https://ricardojba.github.io/CVE-2020-23968-ILEX-SignGo-EoP/

CVE-2021-26236

https://voidsec.com/fuzzing-faststone-image-viewer-cve-2021-26236/

MyBB RCE

https://blog.sonarsource.com/mybb-remote-code-execution-chain

安全工具 Security Tools

CISA发布新的Solarwinds检测工具

https://www.bleepingcomputer.com/news/security/cisa-releases-new-solarwinds-malicious-activity-detection-tool/

安全资讯 Security Information

美国安全人员称延长纳税申报期会增加钓鱼攻击风险

https://www.bleepingcomputer.com/news/security/us-taxpayers-targeted-with-rat-malware-in-ongoing-phishing-attacks/

安全报告 Security Report

FBI称2020因网安问题经济损失超42亿美元

https://www.bleepingcomputer.com/news/security/fbi-over-42-billion-officially-lost-to-cybercrime-in-2020/

安全客 Security Geek

Chrome Issue 941743漏洞分析

https://www.anquanke.com/post/id/234429

（完）